Remote Code Execution Vulnerability in Edimax BR-6473AX Router
CVE-2025-56706

8HIGH

Key Information:

Vendor: Edimax
Status: BR-6473AX
Vendor: CVE Published:; 16 September 2025

What is CVE-2025-56706?

A significant remote code execution vulnerability has been identified in the Edimax BR-6473AX router, specifically affecting version 1.0.28. The flaw arises from improper handling of the Object parameter in the openwrt_getConfig function, allowing attackers to inject and execute arbitrary code remotely. This could lead to unauthorized access and manipulation of network resources, posing severe risks to users and their data. It is critical for users to apply appropriate security measures to mitigate the potential exploitation of this vulnerability.

References

https://github.com/woaiqjj/CVE/blob/main/BR-6473AX/1.md

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2025
Vulnerability Reserved
Aug 17, 2025

JSON